Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
File: 56045C5A383A11EEABD4D919C4F9AE02.roa (raw, json)
Hash identifier: RNrFP2173UqLlfdeOFRgWGwzDxKdY6ukhif+i8DbC4M=
Subject key identifier: 87:5B:0D:D4:40:79:F1:BA:61:4B:C5:D7:D9:98:AB:A4:83:75:CD:48
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8735
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
Signing time: Thu 09 May 2024 10:17:38 +0000
ROA not before: Thu 09 May 2024 10:17:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132925
IP address blocks: 43.249.188.0/24 maxlen: 24
43.249.189.0/24 maxlen: 24
103.135.120.0/23 maxlen: 24
103.161.12.0/23 maxlen: 24
103.169.80.0/23 maxlen: 24
103.171.56.0/23 maxlen: 24
103.172.6.0/23 maxlen: 24
103.172.12.0/23 maxlen: 24
103.172.198.0/23 maxlen: 24
103.172.224.0/23 maxlen: 24
103.172.228.0/24 maxlen: 24
103.172.229.0/24 maxlen: 24
103.173.18.0/23 maxlen: 24
103.173.48.0/23 maxlen: 24
103.173.68.0/23 maxlen: 24
103.233.26.0/24 maxlen: 24
103.233.27.0/24 maxlen: 24
103.236.108.0/24 maxlen: 24
103.236.109.0/24 maxlen: 24
103.236.110.0/24 maxlen: 24
103.236.111.0/24 maxlen: 24
150.129.1.0/24 maxlen: 24
210.16.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34613 (0x8735)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 9 10:17:38 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=663ca2c2-0168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:37:60:87:3a:8d:ff:35:00:03:45:2f:55:82:
8b:78:c6:25:08:f6:c4:9d:21:5c:18:51:6e:e8:e5:
5a:25:40:de:64:41:bd:f8:1f:4f:cc:31:50:72:a1:
d4:a8:ba:14:0e:fc:12:05:0d:8d:42:36:92:38:b3:
1e:8c:e8:1c:17:bf:06:de:a0:6c:d4:e0:11:00:52:
b4:98:a2:9c:f2:66:08:67:1a:5c:28:69:f9:16:1a:
5f:5a:8f:87:0f:8a:8c:66:7f:c2:ee:c1:b7:18:83:
90:27:5d:e3:a9:8e:82:69:29:36:3f:b5:42:24:0b:
08:1f:b0:ca:8e:02:bf:3e:b0:ae:7e:ab:35:73:07:
30:94:7a:05:4c:c3:c0:d1:be:78:b3:ba:80:26:2a:
2a:b2:b6:0e:0c:1b:09:85:e3:47:f0:5d:5a:83:b0:
51:72:fe:68:ab:54:d9:30:ea:e6:ef:8f:e9:af:05:
a3:14:a0:dd:f3:4f:b5:95:cf:37:57:32:bf:f0:50:
6b:7f:2d:85:64:d1:07:cc:e8:b7:10:7c:19:ba:cc:
e7:b2:38:07:80:6c:07:f9:4e:b7:ed:4e:99:df:00:
2c:7b:40:bb:b6:03:2c:5c:5e:b5:a8:f5:1b:96:ea:
e8:65:e1:56:b9:5a:a0:43:83:cd:60:5a:5f:9e:b2:
17:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5B:0D:D4:40:79:F1:BA:61:4B:C5:D7:D9:98:AB:A4:83:75:CD:48
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.188.0/23
103.135.120.0/23
103.161.12.0/23
103.169.80.0/23
103.171.56.0/23
103.172.6.0/23
103.172.12.0/23
103.172.198.0/23
103.172.224.0/23
103.172.228.0/23
103.173.18.0/23
103.173.48.0/23
103.173.68.0/23
103.233.26.0/23
103.236.108.0/22
150.129.1.0/24
210.16.101.0/24
Signature Algorithm: sha256WithRSAEncryption
15:35:4d:97:63:1d:b7:ca:e2:d9:e4:b0:c7:a8:c4:0c:39:fa:
75:9a:40:15:36:50:e1:1a:a4:d3:66:fb:72:2e:38:c0:4c:2b:
d1:99:ff:1a:73:c6:cd:d5:2c:7e:19:e9:4a:26:4b:7f:50:3d:
7b:5c:02:09:d3:8f:8a:d4:18:da:6f:ce:cf:67:2a:0c:81:5f:
72:27:13:09:f3:45:2e:51:48:e3:8d:a8:d5:75:4b:4e:3a:f8:
fd:5f:e0:36:ef:43:de:6b:86:39:e2:39:77:9c:28:07:34:ef:
d2:f9:a4:dd:b2:ca:fd:d9:57:77:89:ef:ac:29:ee:82:e5:93:
d4:0c:1d:28:f2:5e:b4:05:78:c8:83:48:aa:d2:34:07:82:1c:
93:95:04:e6:6b:7a:6a:5d:e2:3b:93:ed:69:5f:04:3f:1c:d4:
5d:51:6c:6c:0a:49:52:6e:47:5d:02:57:b1:51:06:d8:ca:3a:
ed:e7:71:c0:ff:55:1e:78:81:d5:c9:ac:cf:1b:d4:f0:4c:07:
9f:46:0b:77:b0:32:d7:f1:4f:5a:5d:6b:33:36:e3:35:fe:bb:
6e:11:32:5b:19:4e:ce:29:3d:8c:da:67:af:54:69:24:53:12:
b3:78:e3:a7:a2:ad:e0:31:f5:cf:66:c6:71:0b:cb:a2:ff:4f:
77:fe:00:d2
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDAIc1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUwOTEwMTczOFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjYzY2EyYzItMDE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOA3YIc6jf81AANFL1WCi3jGJQj2xJ0hXBhRbujlWiVA3mRBvfgfT8wxUHKh
1Ki6FA78EgUNjUI2kjizHozoHBe/Bt6gbNTgEQBStJiinPJmCGcaXChp+RYaX1qP
hw+KjGZ/wu7BtxiDkCdd46mOgmkpNj+1QiQLCB+wyo4Cvz6wrn6rNXMHMJR6BUzD
wNG+eLO6gCYqKrK2DgwbCYXjR/BdWoOwUXL+aKtU2TDq5u+P6a8FoxSg3fNPtZXP
N1cyv/BQa38thWTRB8zotxB8GbrM57I4B4BsB/lOt+1Omd8ALHtAu7YDLFxetaj1
G5bq6GXhVrlaoEODzWBaX56yF/sCAwEAAaOCAvUwggLxMB0GA1UdDgQWBBSHWw3U
QHnxumFLxdfZmKukg3XNSDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU2MDQ1QzVB
MzgzQTExRUVBQkQ0RDkxOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH8GCCsGAQUFBwEHAQH/
BHAwbjBsBAIAATBmAwQBK/m8AwQBZ4d4AwQBZ6EMAwQBZ6lQAwQBZ6s4AwQBZ6wG
AwQBZ6wMAwQBZ6zGAwQBZ6zgAwQBZ6zkAwQBZ60SAwQBZ60wAwQBZ61EAwQBZ+ka
AwQCZ+xsAwQAloEBAwQA0hBlMA0GCSqGSIb3DQEBCwUAA4IBAQAVNU2XYx23yuLZ
5LDHqMQMOfp1mkAVNlDhGqTTZvtyLjjATCvRmf8ac8bN1Sx+GelKJkt/UD17XAIJ
04+K1Bjab87PZyoMgV9yJxMJ80UuUUjjjajVdUtOOvj9X+A270Pea4Y54jl3nCgH
NO/S+aTdssr92Vd3ie+sKe6C5ZPUDB0o8l60BXjIg0iq0jQHghyTlQTma3pqXeI7
k+1pXwQ/HNRdUWxsCklSbkddAlexUQbYyjrt53HA/1UeeIHVyazPG9TwTAefRgt3
sDLX8U9aXWszNuM1/rtuETJbGU7OKT2M2mevVGkkUxKzeOOnoq3gMfXPZsZxC8ui
/093/gDS
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:32 2024 by rpki-client on console-ams.rpki-client.org